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SELF-SYNCHRONOUS DATA SCRAMBLER 

BACKGROUND AND SUMMARY OF THE INVENTION 

This invention relates to the field of digital data transmission 

5 and, more particularly, to the self-synchronous scrambling of a packet 
based transmissions using non-return-to-zero (NRZ) line coding that 
permits the recovery of the reference clock at the receiver. 

NRZ encoded transmission systems are typically designed so 
the timing reference clock at the receiver is recovered solely from 

10 transitions in the received data signal. Information is reliably 
communicated over such systems if the transition density of the 
transmitted data sequence is sufficiently high. If the data sequence 
transition density is not adequate, the recovered timing reference clock in 
the receiver will not track the transmitter timing reference accurately 

15 enough to receive the data sequence error free. When the transition 

density is too low, the receiver timing reference becomes "unlocked" with 
respect to the transmitter timing reference, and communication between 
the transmitter and receiver is lost. 

In order to ensure that adequate data transition density 

20 exists, many NRZ encoded transmission systems rely on scrambling to 
randomize the data prior to transmission. The SONET format, as 
described in GR-253-CORE "Synchronous Optical Network Transport 
Systems: Common Generic Criteria", Revision 1, Dec. 1997, Bellcore, is 
an example of such a system. The frame synchronous SONET scrambler 

25 described in the above publication works well for Time Division 

Multiplexed (TDM) based payload mappings that interleave data from 
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multiple sources into a single SONET frame. For payload mappings that 
accept data from a single source, the SONET frame synchronous 
scrambler may not be adequate. The SONET format suffers from two 
liabilities: 1) it is reset to the same value at the beginning of each SONET 
5 frame; and, more importantly, 2) the length of the sequence before 
repeating is only 127 bits. 

Pubhcation RFC-1619, "PPP over SONET/SDH", Issue 1, 
May 1994, Internet Engineering Task Force, defines a direct mapping of 
the HDLC (high-level Data link control) encapsulated packet based point- 

10 to-point protocol (PPP) into the SONET payload. As is noted in "Self- 
Synchronous Packet Scrambler", U. S. Patent 5,835,602, invented by S. 
Lang, a malicious user may generate packets consisting of the SONET 
frame synchronous scrambler sequence. If such packets are transported 
using the mapping defined in RFC-1619, there is a non-trivial probability 

15 that the packet sequence would be ahgned with the frame-synchronous 
SONET scrambler resulting in long sequences of ones or zeros that could 
disrupt the receive clock recovery circuit. 

U. S. Patent 5,835,602 describes a method of reducing the 
probability of the above-described disruption, which involves adding a 

20 self-synchronizing scrambler after the HDLC (protocol for X.25 packet 
switching networks) packet generation, but before the SONET frame 
generator. This provides protection as long as the malicious user has no 
knowledge of the state of the self- synchronizing scrambler. However, a 
user may have knowledge of the scrambler state at the start of 

25 transmission. The self-synchronizing scrambler is usually initiahzed to a 
pre-defined state (such as all ones). Then, if only HDLC idle flags are 
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passed through the scrambler until the packet transmission is initiated, 
the self-synchronizing scrambler will be in one of a small number of states 
when packet transmission begins. Thus, a malicious user could still 
disrupt transmission with a non-trivial probabihty of success. 
5 It would be advantageous if an improved method of SONET 

data scrambling could be derived that reduced the probability of a user 
guessing the pseudo-random scrambling pattern. It would be 
advantageous if the data could be scrambled in a way that would prevent 
a malicious user from transmitting a long string of "0"s or "l"s which 

10 prevent clock recovery. 

It would be advantageous if the overhead sections of 
packetized data could be scrambled to reduce the possibility of guessing 
the scrambhng code during initiahzation periods, or periods where no 
information is sent. It would be advantageous if the improved method of 

15 data scrambhng could be made backward compatible with contemporary 
encryption schemes. 

Accordingly, an improved scrambhng system for the NRZ 
format communications is provided. The system is applicable to the 
transmission of HDLC data packets according to SONET protocols. The 

20 system comprises a frame generator to accept information to be 

transmitted. The frame generator organizes the information into frames, 
including both the information and system overhead. The input 
information may already be organized in another, distinct, communication 
format. 

25 A self-synchronous scrambling circuit scrambles the frame 

input. That is, scrambhng occurs after the information is organized into 
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frames with the frame overhead. After transmission, a self-synchronous 
de-scrambUng circuit recovers the received scrambled frames to provide 
received frames of information and overhead. A frame terminal removes 
the overhead information associated which each frame to provide the 
5 transmitted, or recovered information. 

The frame generator divides each frame into time 
multiplexed sections. The information and overhead are loaded into 
different sections of the frame. The frame generator also provides the 
timing data, corresponding to the information and overhead frame 

10 periods, to the scrambler. The scrambler has the capability, then, of 
optionally scrambling frame sections in response to the timing data. 
Typically, the information portion of the frame is always scrambled. 
Optionally, the system has the potential of scrambhng the overhead, 
except perhaps for the parts of the overhead that are required to locate 

15 frame boundaries. Further, the sub-sections of the overhead that are 

scrambled can be varied in patterns, providing yet another layer of system 
scrambling. 

Likewise, the frame terminal has an output connected to the 
de-scrambler to provide timing data corresponding the frame information 
20 and overhead sections. The de-scrambler can be programmably engaged 
to de-scramble sections of the overhead in response to higher layer of 
scrambling protocol. 

An improved method of scrambhng communications in a NRZ 
formatted coding system is also provided. The method includes the steps 
25 of: 
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a) 



accepting information to be transmitted; 



b) 



organizing the information into frames including 



information and overhead sections; 



c) 



scrambling the frames; 



5 



de-scrambling the frames; and 



e) 



recovering the information from the frames (removing 



the overhead). 



Step b) includes generating timing data to signal the 



occurrence of the information and overhead sections of the frames, and 
10 Step c) includes scrambling the frames in response the timing data signals 
of Step b). Likewise, Step e) includes generating timing data to signal the 
occurrence of the information and overhead sections of the received 
frames, and Step d) includes de-scrambling the received frames in 
response the timing data signals of Step e). 
15 In accordance with a higher layer of transmission encrs^tion, 

Steps c) and d) can selectively scramble and de-scramble partial sections 
of overhead. Further, the overhead sub-section being scrambled may be 
constantly varied in a pattern that is decipherable to the message 
receiver, but cannot be known, before transmission, by a communication 
20 sender. 



BRIEF DESCRIPTION OF THE DRAWINGS 



Fig, 1 is a schematic block diagram of the present invention 



transmission encr5^tion system. 



25 



Fig. 2 and 3 illustrate aspects of the SONET and 



synchronous transmission module (STM) framing formats. 
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Fig. 4 depicts a simplified version of a self-synchronous data 

scrambler. 

Fig. 5 is a flowchart illustrating steps in a method for 
encrj^ting transmissions. 

5 

DETAILED DESCRIPTION OF THE PREFERRED EMBODIMENT 

The present invention provides an improved method of data 
scrambling to reduce the probability of guessing the state of the 
scrambler. That is, the present invention reduces the hkelihood of 

10 discovering the coding pattern, or the current position in the coding 

pattern. It does this by scrambling packet based mappings after insertion 
into a payload envelope, such as a frame. Such a framing format is used 
in a SONET system. A self-synchronous scrambler encrypts the data 
sequence after it is inserted into the frame. The input to the scrambler 

15 includes the packet data, the flag sequences used to delineate the packets, 
and the bits that are added to the data sequence to form the frame. 

Inclusion of both the HDLC encapsulated packets and fi:ame 
overhead bits in the input to the scrambler increases the number of 
possibilities for the current state of the scrambler, once packet 

20 transmission is initiated. That is, the coding is much more complex. It is 
harder for a malicious user to calculate or guess a sequence, that after 
passing through the self- synchronizing scrambler, matches the SONET 
scrambler (given the current states of these scramblers). The first 
SONET overhead bits inserted by the frame generator within the packet 

25 data after this matching begins, modify the state of the self-synchronizing 
scrambler, and so prevent a resulting run of transmitted ones or zeros. 
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Fig. 1 is a schematic block diagram of the present invention 
transmission encryption system. Encryption system 10 is especially 
useful for the transmission of information encoded in a format using logic 
level transitions to derive the system clock, such as the NRZ format 
5 mentioned earlier. The system comprises a frame generator 12 having a 
first input on line 14 to accept information to be transmitted. Frame 
generator 12 organizes the information into frames including both the 
information and system overhead. Frame generator 12 has an output on 
line 16 to provide frames of information to be transmitted. 

10 Fig. 2 and 3 illustrate aspects of the SONET and 

synchronous transmission module (STM) framing formats. The STM 
mode is similar to SONET, and is part of the European SDH (synchronous 
digital hierarchy) general format that is well understood in the art. In its 
simplest form, the STS-1 (synchronous transfer signal) format can be 

15 envisioned as 9 rows of 90 columns of bytes. The first three bytes are 

SONET overhead, with the following 87 bytes being the payload. Higher 
frame rates (n order) are created from multiples of the synchronous 
transfer signal (STS-1) format. That is, an STS-N signal is formed by N 
byte-interleaved STS-1 signals. Then, the frame format is 9 rows of (90 x 

20 N) byte columns, including (3 x N) bytes of overhead. 

The STM-N frame format is 9 rows of (270 x N) byte columns, 
including (9 x N) bytes of overhead, see Fig. 3. Typically, the SONET 
frames are converted for an optical carrier and the finks are made through 
fiber optic lines. However, the SONET format is appficable to electrical 

25 carrier mediums, such electrical cable lines. The data rates typically vary 
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jErom 51.84 to 2488.32 megabytes per second (Mbps), with the payload 
varying from 50.112 to 2405.376 Mbps. 

The SONET section overhead concerns section 
communications, such as framing information, performance monitoring, 
5 and even a voice channel to facihtate the hnk between repeaters. The Une 
overhead contains information needed for communication to the hne 
terminal equipment. The payload contains the actual information to be 
communicated. This information also contains the path overhead, which 
is specific payload monitoring and performance data that is only of 
10 interest in context of the SONET system. The overhead of higher order 
communications hnks, such as HDLC, is also embedded in the SONET 
pay loads. 

The SONET protocol includes a stack of four layers. The 
photonic layer concerns the interface of electrical and optical signals. The 
15 Section layer concerns the STS-N framing, scrambhng, and overhead. The 
Line layer synchronizes and multiplexes the path layer signals, and the 
Path layer concerns the mapping of services between the path terminals. 

The main advantage of the SONET system is that it can 
directly multiplex many separate slower signals into the high speed 
20 SONET format without significant intermediates stages of multiplexing. 

Returning to Fig. 1, a self-synchronous scrambling circuit 18 
has an input operatively connected to the output of frame generator 12 on 
line 16. Scrambling circuit 18 scrambles the frame input in a Gxst 
predetermined transmission encryption pattern and provides an output of 
25 encrypted frames on line 20. In this manner, the information to be 

transmitted is scrambled after it is organized into frames. That is, not 
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only is the payload of the SONET signal scrambled, the entire SONET 
frame, including overhead sections, is scrambled. Overhead framing 
sequences Al and A2, needed by a frame terminal on the receiving end of 
the SONET communication to identify the received overhead and 
5 information in the frame, are typically not scrambled. 

A data generator 22 has an output operatively connected to 
the input of said frame generator on hne 14 to provide information to be 
transmitted. For example, data generator 22 outputs packets of HDLC 
information in some aspects of the invention, while frame generator 12 

10 accepts and organizes the information and overhead in frames according 
to SONET protocols. 

A self- synchronous de-scrambling circuit 24 has a first input 
operatively connected to the output of scrambling circuit 18 on hne 20. In 
some aspects of the invention optical or electrical links (not shown) are 

15 used to interface scrambler 18 and de-scrambler 24 across long distances. 
De-scrambling circuit 24 decrypts the received encrypted frames in 
accordance with the first encryption pattern to provide received frames of 
information at an output on Une 26. 

A frame terminal 28 has an input operatively connected to 

20 the output of de-scrambling circuit 24 on line 26. Frame terminal 28 

removes the overhead information associated which each frame to provide 
the transmitted information on line 30, whereby the transmitted 
information initially sent by data generator 22 is recovered. For 
convenience, only a one-way line is shown in Fig. 1. However, both sides 

25 of the link have generating and terminal type equipment. A data or 
information terminal 32 has a first input operatively connected to the 
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output of frame terminal 28 on line 30 to receive the transmitted 
information. Frame terminal 28 typically accepts information organized 
into frames according to SONET protocols, and frame terminal 28 
supplies packets of HDLC information. 
5 The present invention encrypts the frame information in the 

sense that a user cannot predict the outcome of the scrambling process. 
That is, the sender of a message cannot deliberately send out a 
predetermined pattern of digits by guessing the state of the scrambler. 
However, the scrambling process does not encrypt the transmission in the 

10 sense that the receiver needs extra information or codes, outside of the 
scrambled SONET frames, to de-scramble the transmission. Using self- 
synchronous de-scrambler 24 and frame terminal 28 receiving equipment 
of the present invention allows the received message to de-scrambled 
without any special coding information received through other sources. 

15 Therefore, the present invention describes a type of encryption for the 
transmission of information. 

Fig. 4 depicts a simphfied version of a self-synchronous data 
scrambler 18. An example is presented below of a fundamental 
encrj^tion process suitable for the above-mentioned first transmission 

20 encrj^tion process of scrambler 18. A first flip-flop 50, or other such 

register, is operatively connected on line 54 to an exclusive OR gate (XOR) 
56, with the output of XOR 56 operatively connected to the input of second 
flip-flop 58 on hne 60. The output of second flip-flop 58 on hne 62 is 
operatively connected to the input of XOR 64. The input data to be 

25 scrambled is input on hne 66. The output of XOR 64 on line 68 is the 
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scrambled output. The scrambled output on line 68 is fedback to flip-flop 
50 and XOR 56. 

To simply demonstrate the scrambUng capabilities of the 
circuit, no signal is input on Une 66, and the signals on hnes 54 and 62 are 

5 arbitrarily assumed to initially both be a "1". Then, the output of XOR 64 
on line 68 is a "1", see the truth table of Fig. 4. In the second cycle, line 62 
is a "0", so that hne 68 becomes a "0". Line 54 remains a "1", and the 
output on line 60 is a "1". At the third cycle the signal on line 62 is a "1", 
so the output on line 68 is a "1". Line 54 is a "0" and line 60 is still a "1". 

10 In the fourth cycle the signal on line 62 is so the signal on Une 68 is a 
"1". Line 54 is a "1" and hne 60 is a "0". The cycle continually outputs the 
series "1", "0", "1", "1" at output 68. When data is added on line 66, it is 
scrambled (added in modulo 2) with the output of flip-flop 58 and the 
result is fedback into scrambler 18, modifying its state. An equivalent de- 

15 scrambling circuit (not shown) recovers the data. 

By including overhead data that the user does not control in 
the self synchronous scrambler data input, the scrambler state becomes 
"encrypted" to the user. An actual scrambler is more complicated than the 
depicted in Fig. 4, using a longer feedback shift register. The self 

20 synchronous scrambler associated with SONET t5^ically has 43 stages 

(X43+1). 

Returning to Fig. 2, in some aspects of the invention the 
frame generator divides each frame into time multiplexed sections 
including a first frame period 70 when information is included in the 
25 frame and a second frame period 72 when overhead is included in the 
frame. In STS-N frames, sections 70 and 72 are interleaved throughout 
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the frame depending on the value of N. Returning to Fig. 1, frame 
generator 12 has a second output on line 80 to provide timing information 
regarding the occurrence of the first and second frame periods, and the 
occurrence of sub-sections inside sections 70 and 72. Scrambler 18 has a 
5 second input operatively connected on line 80 to the second output of 
frame generator 12. Scrambler 18 selectively scrambling frame sections 
in response to the received frame period timing information. In this 
manner, frame sections are selectively encryT)ted for transmission. 

In some aspects of the invention, scrambler 18 encrjT)ts only 

10 the information section (72, see Fig. 2) of each frame in response to timing 
signals received from the second output of frame generator 12. In this 
manner, the overhead data is not scrambled. This permits the system to 
remain backward compatible with present existing scrambling systems. 
The sections of payload concerned with path overhead are typically not 

15 scrambled either, when backward compatibihty is an issue. Alternately, 
scrambler 18 encrypts the information section (72, see Fig. 2), and 
selectively encr5rpts the overhead sections (70) of each frame in a second 
predetermined encryption pattern, in response to timing signals received 
from the second output of frame generator 12. The overhead data is 

20 selectively scrambled to further the encryption process. For example, the 
second encryption pattern may scramble sections of every other overhead 
section, or every third bit in every section of overhead, to name but a few 
second encryption patterns. 

Likewise, frame terminal 28 divides each received frame into 

25 time multiplexed sections including a first frame period when information 
is included in the frame and a second frame period when overhead is 
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included in the frame (see Fig. 2). Frame terminal 28 has a second output 
on line 82 to provide timing information regarding the occurrence of the 
first and second frame periods. De-scrambler 24 has a second input 
operatively connected to second output of the frame terminal on hne 82. 
5 De-scrambler 24 selectively de-scrambles frame sections in response to the 
received frame period timing information, whereby frame sections are 
selectively decrjrpted. 

In some aspects of the invention, de-scrambler 24 encrypts 
only the information section of each frame in response to timing signals 

10 received from the second output of frame terminal 28, whereby the 

overhead data is not de-scrambled. Alternately, de-scrambler 28 decrj^ts 
the information section, and selectively decrypts the overhead section of 
each frame in the second predetermined decryption pattern, in response to 
timing signals received from the second output of frame terminal 28, 

15 whereby the overhead data is selectively de-scrambled to further the 
encryption process. 

Alternately stated, in a digital data transmission system of a 
type that uses logic level transitions for clock recovery, Fig. 1 presents a 
sabotage prevention system. The system prevents a mahcious user from 

20 transmitting long strings of "l"s or "0"s that interfere with clock recovery. 
System 10 comprises a means for generating information 22; a means for 
assembling the information into frames that include both the information 
and system overhead for transmission 12; and a means for self- 
synchronously and continuously scrambling the frames from assembly 

25 means 18, subsequent to the assembly of the frames. 
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Optionally, self-synchronous scrambling means 18, for 
scrambling the assembled frames, includes control inputs with timing 
data that are synchronous to at least one overhead bit in the frame to 
disable scrambUng means 18. The advantage of this embodiment is that 

5 the operator of the transmission system can modify the scrambler 
operation so that further uncertainty can be added to the value of the 
state of the self-synchronizing scrambler on initiation of packet 
transmission. Also, by setting the controls such that the self-synchronous 
scrambler is disabled during all overhead bits generated by the frame 

10 generator, the present invention is backwards compatible with equipment 
that performs self- synchronous scrambhng on the data sequences prior to 
their being assembled into frames and, thus, cannot include frame 
generator overhead bits in the data that is scrambled. 

Fig. 5 is a flowchart illustrating steps in a method for 

15 encrypting transmissions. Step 100 provides a communication format 
using logic level transitions to derive the system clock. Step 102 accepts 
information to be transmitted. Step 104 organizes the information into 
frames including time multiplexed sections of information and sections of 
overhead. Step 106 self- synchronously scrambles the frames in a first 

20 predetermined encryption pattern. Step 108 transmits the scrambled 
frames. Step 110 is a product, where the information and overhead data 
are both encrypted for added security in the transmission of data. 

In some aspects of the invention further steps follow Step 
108. Step 108a (not shown) receive the scrambled frames. Step 108b (not 

25 shown) self-synchronously de-scrambles the frames in accordance with the 
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first encryption pattern. Step 108c (not shown) recovers the information 
from the frames. 

Optionally, Step 104 includes generating timing data to 
signal the occurrence of the information and overhead sections of the 
5 frames. Then, Step 106 includes scrambUng the frames in response the 
timing data signals of Step 104. Step 108c includes generating timing data 
to signal the occurrence of the information and overhead sections of the 
received frames, and Step 108b includes de-scrambling the received 
frames in response the timing data signals of Step 108c. In some aspects 

10 of the invention, Step 106 includes scrambhng only the information 
section of each frame. Alternately, Step 106 selectively scrambles 
overhead sections of the frames in a second predetermined encryption 
pattern, and Step 108b includes selectively de-scrambling overhead 
sections of the received frame in accordance with the second encrjrption 

15 pattern. In this manner, the selective scrambling of overhead furthers the 
encryption process. 

A system and method has been provided to self- 
synchronously scramble SONET style communications. To prevent 
jamming during initiahzation, or during times when no data is being 

20 transferred, flags and SONET overhead data are scrambled, along with 
the payload. Timing controls to the scrambler permit this scrambler to be 
selectively engagable, so that the overhead scrambhng becomes a second 
layer of transmission encryption. Other variations and embodiments of 
the present invention will occur to those skilled in the art. 
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CLAIMS 

What is claimed is: 



1 1. An encryption system for the transmission of 

2 information encoded in a format using logic level transitions to derive the 

3 system clock, the system comprising; 

4 a frame generator having a first input to accept information 



5 to be transmitted, said frame generator organizing the information into 

6 frames including both the information and system overhead, said frame 

7 generator having an output to provide frames of information to be 

8 transmitted; and 



9 a self-synchronous scrambUng circuit having an input 

10 operatively connected to the output of said frame generator, said 

1 1 scrambling circuit scrambling the frame input in a first predetermined 

12 encryption pattern and providing an output of encrypted frames, whereby 

13 the information to be transmitted is scrambled after it is organized into 

14 frames. 

1 2, The encryption system of claim 1 further comprising: 

2 a data generator having an output operatively connected to 

3 the input of said frame generator to provide information to be 

4 transmitted. 

1 3. The encryption system of claim 1 further comprising: 

2 a self-synchronous de-scrambling circuit having a first input 

3 operatively connected to the output of said scrambhng circuit, said de- 
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1 scrambling circuit decrypting the received encrypted frames 

2 in accordance with the first encrjrption pattern to provide received frames 

3 of information at an output. 

1 4. The encryption system of claim 3 further comprising: 

2 a frame terminal having an input operatively connected to 

3 the output of said de-scrambling circuit, said frame terminal removing the 

4 overhead information associated which each frame to provide the 

5 transmitted information, whereby the transmitted information is 

6 recovered. 



1 5. The encr5T)tion system of claim 4 further comprising: 

2 an information terminal having a first input operatively 

3 connected to the output of said frame terminal to receive the transmitted 

4 information. 

1 6. The encryption system of claim 4 in which said frame 

2 generator divides each frame into time multiplexed sections including a 

3 first frame period when information is included in the fii-ame, and a second 

4 frame period when overhead is included in the frame, said fi^ame 

5 generator having a second output to provide timing information regarding 

6 the occurrence of the first and second frame periods, and in which said 

7 scrambler having a second input operatively connected to second output of 

8 said frame generator, said scrambler selectively scrambhng frame sections 

9 in response to the received frame period timing information, whereby 
10 frame sections are selectively encrypted for transmission. 
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1 7. The encryption system of claim 6 in which said 

2 scrambler encrypts only the information section of each frame in response 

3 to timing signals received from the second output of said frame generator, 

4 whereby the overhead data is not scrambled. 

1 8. The encr5^tion system of claim 6 in which said 

2 scrambler encrypts the information section, and selectively encrypts the 

3 overhead section of each frame in a second predetermined encryption 

4 pattern, in response to timing signals received from the second output of 

5 said frame generator, whereby the overhead data is selectively scrambled 

6 to further the transmission encryption process. 

1 9. The encrjTption system of claim 6 in which said frame 

2 terminal divides each received frame into time multiplexed sections 

3 including a first frame period when information is included in the frame 

4 and a second frame period when overhead is included in the frame, said 

5 frame terminal having a second output to provide timing information 

6 regarding the occurrence of the first and second frame periods, and in 

7 which said de-scrambler has a second input operatively connected to 

8 second output of the frame terminal, said de-scrambler selectively de- 

9 scrambling frame sections in response to the received frame period timing 
10 information, whereby frame sections are selectively decrypted. 

1 10. The encryption system of claim 9 in which said de- 

2 scrambler encrypts only the information section of each frame in response 
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3 to timing signals received from the second output of said frame terminal, 

4 whereby the overhead data is not de-scrambled. 

1 11. The encr5^tion system of claim 9 in which said de- 

2 scrambler decrypts the information section, and selectively decrypts the 

3 overhead section of each frame in the second predetermined decrj^tion 

4 pattern, in response to timing signals received from the second output of 

5 said frame terminal, whereby the overhead data is selectively de- 

6 scrambled to further the transmission encrjrption process. 

1 12. The encryption system of claim 9 in which said frame 

2 generator accepts packets of HDLC information, in which said frame 

3 generator organizes the information and overhead in frames according to 

4 SONET protocols, in which said frame terminal accepts information 

5 organized into frames according to SONET protocols, and in which said 

6 frame terminal supplies packets of HDLC information. 



1 13. In a communication format using logic level 

2 transitions to derive the system clock, a method for encrypting 

3 transmissions comprising the steps of: 

4 a) accepting information to be transmitted; 

5 b) organizing the information into frames including time 

6 multiplexed sections of information and sections of overhead; 

7 c) self-synchronously scrambling the frames in a first 

8 predetermined encryption pattern; and 
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9 d) transmitting the scrambled frames, whereby the 

10 information and overhead data are both encrs^pted for added security. 

1 14. The method of claim 13 further comprising the steps, 

2 following Step d), of: 

3 e) receiving the scrambled frames; 

4 f) self-synchronously de-scrambUng the frames in 

5 accordance with the. first encryption pattern; and 

6 g) recovering the information from the frames. 

1 15. The method of claim 14 in which Step b) includes 

2 generating timing data to signal the occurrence of the information and 

3 overhead sections of the frames, and in which Step c) includes scrambling 

4 the frames in response the timing data signals of Step b). 

1 16. The method of claim 15 in which Step g) includes 

2 generating timing data to signal the occurrence of the information and 

3 overhead sections of the received frames, and in which Step f) includes de- 

4 scrambhng the received frames in response the timing data signals of Step 

5 g). 



1 17. The method as in claim 16 in which Step c) selectively 

2 scrambhng overhead sections of the frames in a second predetermined 

3 encryption pattern, and in which Step f) includes selectively de- 

4 scrambling overhead sections of the received frame in accordance with the 
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5 second encrj^tion pattern, whereby the selective scrambling of overhead 

6 furthers the encryption process. 

1 18. The method as in claim 15 in which Step c) includes 

2 scrambling only the information section of each frame. 

1 19. In digital data transmission of a type that uses logic 

2 level transitions for clock recovery, a sabotage prevention system 

3 comprising: 

4 a means for generating information; 

5 a means for assembhng the information into frames that 

6 include both the information and system overhead for transmission; and 

7 a means for self- synchronously and continuously scrambling 

8 the frames from said assembly means, subsequent to the assembly of the 

9 frames, whereby information and overhead are encr5rpted for 
10 transmission. 

1 20. The system as in claim 19 in which said self- 

2 synchronous scrambling means includes control inputs with timing data 

3 that are synchronous to at least one overhead bit in the frame to disable 

4 said scrambling means, whereby the scrambhng operation becomes 

5 modifiable. 
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ABSTRACT OF THE INVENTION 

An encryption system has been provided to self- 
synchronously scramble communications where the receiver must recover 
the clock information from the data stream, such as the SONET format. 
5 To prevent jamming during initiahzation, or during times when no data is 
being transferred, flags and overhead data are scrambled, along with the 
pay load* Timing controls to the scrambler permit this scrambler to be 
selectively engagable, so that the selective overhead scrambling becomes a 
second layer of scrambUng. A method of self- synchronously scrambling 
10 the overhead in NRZ formatted communications is also provided. 
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